﻿Imports System.Data.SqlClient

Public Class updatepassword
    Inherits System.Web.UI.Page
    Private objrd As SqlDataReader = Nothing
    Private objexecute As New GetData
    Private sSQL As String
    Private ps As New PreparedStatement(sSQL)
    Dim strErr As String = ""

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If (Session("uid") <> Nothing And Session("uid") <> "") Then
            If (Request("submitPwd") <> Nothing And Request("submitPwd") <> "") Then
                Dim sh As New SHA1
                Dim password, passworddata, pwd1, memberId As String
                passworddata = ""
                memberId = Session("uid")
                password = oripassword.Text
                password = sh.mySHA(password)
                If password = "" Or password = Nothing Then
                    passwordErr.Text = "此项为必填项"
                    Exit Sub
                End If
                ps.strSql = "select * from member where GAPortal_ID = @memberId"
                ps.parameters.Clear()
                ps.addParameter("memberId", memberId)
                Dim conn As SqlConnection = objexecute.getConn()

                objrd = objexecute.dr(ps, strErr, conn, objrd)
                If (objrd.Read()) Then
                    passworddata = objrd.Item("password")
                End If
                If (Not password.Equals(passworddata)) Then
                    passwordErr.Text = "原密码不正确！"
                    objexecute.closeConn(conn)

                    Exit Sub
                End If
                If pswd.Text = "" Or pswd.Text = Nothing Then
                    pwdErr.Text = "此项为必填项"
                    objexecute.closeConn(conn)

                    Exit Sub
                End If
                If confirmpswd.Text = "" Or confirmpswd.Text = Nothing Then
                    pwdConfirmErr.Text = "此项为必填项"
                    objexecute.closeConn(conn)

                    Exit Sub
                End If
                If Not pswd.Text.Equals(confirmpswd.Text) Then
                    pwdErr.Text = "两次输入的密码不一致"
                    objexecute.closeConn(conn)

                    Exit Sub
                End If
                pwd1 = pswd.Text
                pwd1 = sh.mySHA(pwd1)
                ps.strSql = "update member set password=@password where GAPortal_ID = @memberId"
                ps.parameters.Clear()
                ps.addParameter("memberId", memberId)
                ps.addParameter("password", pwd1)
                objexecute.es(ps, strErr)
                Response.Redirect("members-home.aspx")
                objexecute.closeConn(conn)

            End If
        Else
            Response.Redirect("../cn_login.aspx")
        End If

    End Sub

End Class